As COVID-19 spreads around the world, many businesses and organisations have begun to offer their services for free – whether they be online resources for university students no longer attending usual lectures, or extended free trials for remote working tools for those who now find themselves working from home.
In some areas, the cybersecurity industry has followed suit. The industry has become even more important as workforces migrate into living rooms and cyber attackers seize opportunities to attack vulnerable victims in the wake of the pandemic.
The VPN service Surfshark has recently announced its intention to offer free six-month subscriptions for small businesses, as more countries tighten quarantine measures and finances become strained.
VPNs are one of the first lines of defence for organisations with employees working from home, as remote connections do not reap the benefits of having a system supervised by IT and cybersecurity professionals.
"Internal networks in office spaces are carefully set up, maintained, and protected by IT admins,” says Surfshark cybersecurity advisor Naomi Hodges.
“It's much more difficult to ensure the safety of each remote employee's network.
“Demand for VPNs has surged significantly – we've received a high number of requests from businesses seeking to warrant that their employees have a safe and private workflow from home,” says Hodges.
“Since Surfshark believes that privacy is an inherent human right, we will provide small businesses with our software for free, as part of our efforts to secure people who are working remotely against cyberattacks."
Surfshark says working from home removes all the security measures put in place by an organisation's IT team, which results in an increased risk of data breaches and leaks of confidential information.
"People working from home are very appealing to cybercriminals," says Hodges.
"It's difficult to ensure that they follow all the necessary security measures. For example, using two-factor authentication and strong passwords, ignoring suspicious emails, always keeping a VPN on – especially if working on shared Wi-Fi.
“Criminals always look for the weakest link, and an unsuspecting employee is a perfect target."
While working remotely without maintained security measures, an employee's device can also get infected by malware. Users must also be wary of phishing campaigns deployed by opportunistic cyber attackers looking to deceive victims fearful of the pandemic and desperate for information.
"As a form of social engineering, it's still one of the most reliable ways to gain access to a network – by merely tricking a person," says Hodges.
"When employees are aware of the risks, they are in a much better position to confront this daily reality and assess any situation that may arise correctly."